Optimizations  in  Decision  Procedures  for  Propositional 
Linear  Inequalities 

Ofer  Strichman 


May  23,  2002 

CMU-CS-02-133 


School  of  Computer  Science 
Carnegie  Mellon  University 
Pittsburgh,  PA  15213 


Abstract 

Several  decision  procedures  that  were  published  in  the  last  few  years  for  sub-theories  of  propositional  linear 
inequalities,  i.e.  a  Boolean  combination  of  predicates  that  belong  to  the  theory,  are  based  on  a  graph-based 
analysis  of  the  formula's  predicates.  The  analysis  is  always  based  on  the  predicates  while  ignoring  the  Boolean 
connectives  between  them.  In  this  note  we  show  how  taking  this  information  into  account  can  significantly 
reduce  the  (practical)  complexity  of  the  decision  procedure. 
1 Introduction


Several decision procedures that were published in the last few years [GSZ+98], [PRSS99], [BGV99],
[BV00], [BGV01], [SSB02] for equality logic (Boolean combinations of equalities) and for a logic
of separation predicates (Boolean combinations of predicates of the form $x > y + c$ where $x, y$ are
variables and $c$ is a constant) follow similar guidelines¹. First, they represent the predicates of the
examined formula $\varphi$ in a graph. Second, they analyze this graph in order to apply the transitivity
of the predicates. This can result in a list of explicit constraints [BV00, SSB02] or a finite range of
values to each variable [PRSS99, BGV99]. In [GSZ+98] the structure of the formula is not analyzed
explicitly, but, as we will show in the appendix, our method is applicable to it as well.

We illustrate this approach with the work of Bryant et al. [BV00] on equality logic. Each predicate
$i = j$ is encoded with a new Boolean variable $e_{i,j}$. Let $\varphi'$ denote the encoded formula. In order
to retain the transitivity of equality, they construct an undirected graph $G(V, E)$, where the nodes
in $V$ represent $\varphi$'s variables, and there is an edge in $E$ between two nodes $i$ and $j$ if and only if
there is a predicate $i = j$ (or $i \neq j$) in $\varphi$. Transitivity of equality forbids an assignment in which all
edges of a cycle except one are assigned TRUE. Thus, it is sufficient to add such a constraint to $\varphi'$
for each (simple) cycle in the graph. This construction guarantees that $\varphi'$ is satisfiable if and only if
$\varphi$ is satisfiable.

The  added  constraints  reflect  the  transitivity  constraints  of  equality,  which  implicitly  exist  in  the 
original  formula.  But  since  each  constraint  adds  to  the  complexity  of  the  decision  procedure,  it  is 
interesting  to  check  whether  all  of  these  constraints  are  needed  in  order  to  preserve  the  soundness 
of  the  procedure.  More  specifically,  it  is  possible  that  with  a  more  careful  analysis  of  the  formula 
structure,  the  number  of  constraints  can  be  reduced.  This  improvement  is  the  subject  of  this  note. 

In all of these procedures, the graph analysis stage is based only on the predicates in $\varphi$, and
ignores the Boolean connectives (i.e. conjunctions and disjunctions) between them. Thus the formulas
$\varphi_1 : x = y \wedge y = z \wedge z = x$ and $\varphi_2 : x = y \vee y = z \vee z = x$ result in the same set of constraints
(in this case preventing an assignment in which exactly two of these predicates are assigned TRUE).
But as we will show in the next section, such a constraint is not needed for $\varphi_2$. Furthermore, it is
possible to identify this fact in polynomial time.

While our method reduces the number of constraints, it has a drawback when it comes to
reconstructing a satisfying assignment (rather than only deciding the formula). We will elaborate on this
point in section 4.

2  A  decision  procedure 

We demonstrate our suggested procedure for the case of equality predicates [BV00]. It can be applied
in a very similar manner to [SSB02]. In the appendix we describe how it can also be applied to some
of the other procedures that we referred to earlier.

Let $\varphi$ be an equality formula in Disjunctive Normal Form (DNF), i.e., $\varphi : \bigvee \bigwedge p_k$ where $p_k$ is
an equality predicate of the form $i = j$ or $i \neq j$ for some variables $i$ and $j$ (we later abandon the
requirement for having the formula in DNF; we only need it here for clarity of the explanation).

Proposition 1. $\varphi$ is unsatisfiable if and only if each of its clauses contains a sub-formula of the form
$C : i_1 \neq i_2 \wedge i_2 = i_3 \wedge \ldots \wedge i_n = i_1$ for $n > 2$. We call $C$ an unsatisfiable cycle.

¹ We assume in this note that the reader is familiar at least with [BV00] and [SSB02].

The following procedure relies on proposition 1:

1. Encode each predicate of the form $i = j$ in $\varphi$ with a new Boolean variable $e_{i,j}$. Let $\varphi''$ denote
the encoded formula.

2. Construct a graph $G(V, E)$ s.t. the nodes are the variables in $\varphi$ and there is an edge $(i, j)$ in $E$ if
and only if there is a predicate $i = j$ in $\varphi$.

3. For each cycle $C$ of predicates that belong to the same clause, add a constraint to $\varphi''$ that forbids
an assignment in which exactly $|C| - 1$ edges are assigned TRUE.

The formula $\varphi''$ is a conjunction of two subformulas, which we denote by $\varphi''_E$ and $\varphi''_T$. $\varphi''_E$ is the
Boolean encoding of $\varphi$ resulting from step 1. $\varphi''_T$ is a conjunction of the constraints that we add in
step 3.

The difference between $\varphi''$, as derived in this procedure, and $\varphi'$, the formula derived in [BV00],
is that in the latter transitivity constraints are added regardless of the Boolean connectives of $\varphi$. In
other words, a constraint is added to $\varphi'$ for each cycle of predicates, even if these predicates do not
share a clause. The following proposition justifies this reduction:

Proposition 2. $\varphi''$ is satisfiable if and only if $\varphi'$ is satisfiable.

Proof. ($\Leftarrow$) $\varphi''$ has, by construction, only a subset of the constraints of $\varphi'$. Therefore it is trivial that
if $\varphi'$ is satisfiable then so is $\varphi''$. ($\Rightarrow$) Assume $\varphi$, and consequently $\varphi'$, is unsatisfiable. In this case,
according to proposition 1, each of the clauses of $\varphi$ has an unsatisfiable cycle $C$. Since the predicates
of $C$ are conjuncted, in order to satisfy the corresponding encoded cycle in $\varphi''$,
$\neg e_{i_1,i_2} \wedge e_{i_2,i_3} \wedge \ldots \wedge e_{i_n,i_1}$,
the first variable ($e_{i_1,i_2}$) has to be FALSE and the rest have to be TRUE, i.e. exactly $|C| - 1$
edges are assigned TRUE. But this contradicts the constraints that are added to $\varphi''$ in step 3. Hence,
the encoded cycle can not be satisfied, and therefore $\varphi''$ is unsatisfiable. Thus, if $\varphi''$ is satisfiable,
then so is $\varphi'$. □

The above decision procedure is computationally expensive, because it requires $\varphi$ to be in DNF,
which may impose an exponential growth in the size of the formula. Fortunately this is not really
required. We can predict, in polynomial time, which predicates would share a clause if the formula
was transformed to DNF. This can be done with a syntactic analysis of $\varphi''_E$, as explained in the next
subsection.


2.1  Conjunctions  matrices 

Assume $\varphi$ is given in Negation Normal Form (all negations are pushed to the atomic predicates).
Consequently all the internal nodes of the parse tree of $\varphi''_E$, except those that are immediately adjacent
to the leaves, correspond to either disjunctions or conjunctions (recall that $\varphi''_E$ represents a Boolean
encoding of $\varphi$'s predicates). For each pair of leaves, there is a single internal node from which
these two leaves can be reached via non-overlapping directed paths. We call the Boolean operand
represented by this node the joining operand of these two leaves.

Example 1. Consider the formula:

$\varphi : (x_1 = x_2) \wedge (x_3 \neq x_4 \wedge (x_4 = x_5 \vee x_5 = x_6))$

The Boolean encoding of $\varphi$ is given by

$\varphi''_E : e_{x_1,x_2} \wedge (\neg e_{x_3,x_4} \wedge (e_{x_4,x_5} \vee e_{x_5,x_6}))$

The joining operand of $e_{x_3,x_4}$ and $e_{x_5,x_6}$ is '$\wedge$'. The joining operand of $e_{x_4,x_5}$ and $e_{x_5,x_6}$ is '$\vee$'.

□

For simplicity, we first assume that no predicates appear in $\varphi$ more than once. Denote by $\varphi^D$ the
formula $\varphi$ after it is transformed to DNF. The following proposition is the basis for the prediction
technique:

Proposition 3. Two predicates share a clause in $\varphi^D$ if and only if their joining operand is a
conjunction.

We  construct  a  matrix  that  holds  this  information  for  all  pairs  of  predicates: 


Definition 1. Let $m$ denote the number of predicates in $\varphi$. The conjunctions matrix $M_\varphi$ of $\varphi$ is an
$m \times m$ binary, symmetric matrix, where $M_\varphi[e_{i,j}][e_{k,l}] = 1$ if and only if the joining operand of the
two predicates $i = j$ and $k = l$ is a conjunction.

In the graph $G$, the entries of $M_\varphi$ can be thought of as 'edges that connect edges'.

For a given pair of predicates, it is a linear operation (in the height $h$ of the parse tree) to check
whether their joining operand is a conjunction or disjunction. Therefore constructing $M_\varphi$ has the
complexity of $O(m^2 h)$.

The information in $M_\varphi$ is sufficient for concluding whether a set of predicates share a clause in
$\varphi^D$:

Proposition 4. A set of predicates share a DNF clause in $\varphi^D$ if and only if their associated entries
in the conjunctions matrix form a clique.

Note that the 'clique' refers to the edges between the edges of $G$, and not to the edges of $G$ itself.

Given a set of predicates, finding whether they form a clique in $M_\varphi$ is quadratic in the size of
the set. Thus, we do not require anymore that $\varphi$ is given in DNF, and pay a quadratic price for this
in step 3 of the procedure.


Example 2. Consider the formula $\varphi : x = y \wedge (y = z \vee x = z)$. The corresponding conjunctions
matrix is

$$M_\varphi = \begin{array}{c|ccc}
 & e_{x,y} & e_{y,z} & e_{x,z} \\ \hline
e_{x,y} & 0 & 1 & 1 \\
e_{y,z} & 1 & 0 & 0 \\
e_{x,z} & 1 & 0 & 0
\end{array}$$

(Note that $M_\varphi$ is symmetric by definition).

The graph $G$ includes the cycle $x - y - z$. But since $M_\varphi[e_{y,z}][e_{x,z}] = 0$, there is no clique
between its edges, and we can therefore conclude that these three predicates do not share a clause in
$\varphi^D$. Consequently no constraint is added to $\varphi''$. □
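Steps 1-3 of the procedure together with Propositions 3 and 4 can be exercised on the formulas used so far. The following Python sketch is an added example, not code from this report: the tuple encoding of NNF formulas and all function names are assumptions, predicates are assumed not to repeat, and cycles are found by brute force over edge subsets, so it is meant for small formulas only.

```python
from itertools import combinations

# NNF formula as nested tuples: ("and", ...), ("or", ...), or a leaf ("eq", i, j) / ("ne", i, j).
# A leaf for i = j or i != j maps to the undirected edge {i, j} of G (i and j are distinct names).

def E(i, j):
    return frozenset((i, j))

def _collect(node, conj):
    """Return the edges below node; record edge pairs whose joining operand is 'and'."""
    if node[0] in ("eq", "ne"):
        return {E(node[1], node[2])}
    parts = [_collect(child, conj) for child in node[1:]]
    if node[0] == "and":
        for left, right in combinations(parts, 2):
            conj.update(frozenset((a, b)) for a in left for b in right if a != b)
    return set().union(*parts)

def conjunctions_matrix(formula):
    """Edges of G and the set of pairs {e1, e2} for which the matrix entry is 1."""
    conj = set()
    return _collect(formula, conj), conj

def is_simple_cycle(edge_set):
    deg, adj = {}, {}
    for e in edge_set:
        a, b = tuple(e)
        for u, w in ((a, b), (b, a)):
            deg[u] = deg.get(u, 0) + 1
            adj.setdefault(u, []).append(w)
    if any(d != 2 for d in deg.values()):
        return False
    # Every vertex has degree 2: one cycle iff a walk from any vertex reaches all of them.
    start = next(iter(adj))
    seen, stack = {start}, [start]
    while stack:
        for w in adj[stack.pop()]:
            if w not in seen:
                seen.add(w)
                stack.append(w)
    return len(seen) == len(adj)

def transitivity_constraints(formula, use_matrix=True):
    """Step 3: one implication per edge of each cycle, forbidding exactly |C|-1 TRUE edges.
    With use_matrix=False every simple cycle of G gets constraints (connectives ignored)."""
    edges, conj = conjunctions_matrix(formula)
    out = []
    for k in range(3, len(edges) + 1):
        for cyc in combinations(sorted(edges, key=sorted), k):
            if not is_simple_cycle(cyc):
                continue
            clique = all(frozenset(p) in conj for p in combinations(cyc, 2))
            if use_matrix and not clique:
                continue
            for e in cyc:  # (all other edges TRUE) implies e TRUE
                out.append((tuple(x for x in cyc if x != e), e))
    return out

eq = lambda i, j: ("eq", i, j)
PHI_1 = ("and", eq("x", "y"), eq("y", "z"), eq("z", "x"))   # conjunction from the introduction
PHI_2 = ("or", eq("x", "y"), eq("y", "z"), eq("z", "x"))    # disjunction from the introduction
EXAMPLE_2 = ("and", eq("x", "y"), ("or", eq("y", "z"), eq("x", "z")))

if __name__ == "__main__":
    for name, f in (("phi_1", PHI_1), ("phi_2", PHI_2), ("example 2", EXAMPLE_2)):
        print(name, len(transitivity_constraints(f)), "vs", len(transitivity_constraints(f, False)))
```

Only the conjunction keeps its three constraints; the disjunction and the formula of Example 2 get none once the matrix is consulted.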
2.2 Handling repeating predicates

Practically most formulas contain predicates that appear more than once, in different parts of the
formula. We will denote by $e^k_{i,j}$, $k > 1$, the $k$-th instance of the predicate $e_{i,j}$ in $\varphi$. It is possible that
the same pair of predicates will have different joining operands. There are two possible solutions to
this problem:

1. Represent each predicate instance as a separate edge. This will make $G$ a multigraph, where the
number of edges between two nodes $i, j$ is equal to the number of instances of the predicate
$i = j$ in $\varphi$. The size of the matrix $M_\varphi$ will grow accordingly.

2. Assign $M_\varphi[e_{x,y}][e_{z,l}] = 1$ if there exists an instance of $x = y$ and of $z = l$ with a joining
operand '$\wedge$'.

For comparison between the two options, denote the matrix constructed in option $i$ by $M^i_\varphi$. Then
$M^2_\varphi[e_{x,y}][e_{z,l}] = 1$ if and only if there exist $k_1, k_2$ s.t. $M^1_\varphi[e^{k_1}_{x,y}][e^{k_2}_{z,l}] = 1$.

The  second  option  has  a  more  concise  representation,  but  may  result  in  redundant  constraints,  as 
the  example  below  demonstrates. 

Example 3. Consider the formula $\varphi : (x = y \wedge (y = z \vee x = z)) \vee (y = z \wedge x = z)$. The two
options are depicted in Fig. 1.


Fig.  1.  Handling  multiple  instances  of  predicates  through  (a)  separate  edges  and  (b)  joint  edges. 


Following  option  2  (Fig.  1(b))  will  yield  a  redundant  constraint,  because  the  information  that  the 
three  predicates  never  appear  together  in  the  same  clause  is  lost.  On  the  other  hand  this  is  a  more 
concise  representation  than  the  first  option.  □ 

Redundant constraints can not make the method incomplete. Recall that all of these constraints
are part of $\varphi'$, which, according to [BV00], is satisfiable if and only if $\varphi$ is satisfiable.


3  Chordal  graphs 

Since there can be an exponential number of cycles in $G$, both [BV00] and [SSB02] first make the
graph chordal by adding edges to the graph. An undirected graph is chordal iff every cycle of size
4 or more has an internal chord. In the case of directed and weighted graphs the definition is more
complicated: it refers to directed cycles of size 4 or more, and each chord from node $i$ to $j$ is a
projection of the path between these two nodes on the cycle. In both of these references, it is proven
that in a chordal graph, if a transitivity constraint is violated, then a transitivity constraint of a cycle
of size 3 is violated as well. This allows them to add constraints only for cycles of size 3 or less.
Consequently the number of constraints reduces to a polynomial in [BV00] and has a similar effect
in some cases considered by [SSB02]. We now examine the question of how to integrate conjunctions
matrices with chordal graphs. Again, we concentrate on [BV00]. A known procedure for making a
graph chordal is the following:

While there are vertices in the graph {
    i) select a variable v.
    ii) add chords between all immediate neighbors of v.
    iii) remove v and its adjacent edges from the graph.
}

In  the  case  of  [SSB02]  the  procedure  is  slightly  more  complicated  in  line  ii),  because  the  graph 
is  directed  and  weighted.  One  may  think  of  this  as  an  iterative  procedure  of  eliminating  variables 
and  projecting  their  associated  constraints  to  the  remaining  variables  (similar  to  the  Fourier-Motzkin 
technique). 

Integrating  conjunctions  matrices  into  this  process  is  simple:  we  only  need  to  project  information 
from  pairs  of  constraints  (edges)  that  have  a  conjunction  as  their  joining  operand.  Thus,  we  change 
line  ii)  as  follows: 

ii) add a chord $(x, y)$ if and only if $(x, v) \in E$ and $(v, y) \in E$ and $M_\varphi[e_{x,v}][e_{v,y}] = 1$.
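The elimination loop with the unmodified and the modified line ii) can be compared on a small undirected graph. This Python sketch is an added example, not code from this report or from [BV00]: the 4-cycle, its formula and the matrix entries are constructed, and treating every added chord as conjoined with all edges is an assumption chosen because it can only add chords, never omit one.

```python
from itertools import combinations

def make_chordal(edges, order, conjoined=None):
    """Eliminate vertices in `order` and return the chords that were added.
    edges: undirected edges as 2-tuples.
    conjoined: set of frozenset({e1, e2}) pairs of original edges whose matrix entry is 1;
    None reproduces the unmodified line ii)."""
    norm = lambda a, b: frozenset((a, b))
    live = {norm(a, b) for a, b in edges}
    original = set(live)
    chords = []

    def may_project(e1, e2):
        if conjoined is None:
            return True
        # Assumption of this example: an added chord counts as conjoined with every edge.
        if e1 not in original or e2 not in original:
            return True
        return frozenset((e1, e2)) in conjoined

    for v in order:
        nbrs = sorted(w for e in live if v in e for w in e if w != v)
        for x, y in combinations(nbrs, 2):
            if norm(x, y) not in live and may_project(norm(x, v), norm(v, y)):
                live.add(norm(x, y))
                chords.append((x, y))
        live = {e for e in live if v not in e}  # line iii)
    return chords

# Constructed input: the cycle a-b-c-d for (a = b) or (b = c and c = d and d = a).
CYCLE = [("a", "b"), ("b", "c"), ("c", "d"), ("d", "a")]
BC, CD, DA = frozenset("bc"), frozenset("cd"), frozenset("da")
CONJ = {frozenset(p) for p in combinations((BC, CD, DA), 2)}             # a = b stands alone
ALL_CONJ = {frozenset(p) for p in combinations([frozenset(e) for e in CYCLE], 2)}

if __name__ == "__main__":
    print("unmodified ii):", make_chordal(CYCLE, "bcda"))
    print("with matrix   :", make_chordal(CYCLE, "bcda", CONJ))
```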

We  demonstrate  the  effectiveness  of  this  method  in  the  case  of  the  directed  weighted  graphs  of 
[SSB02].  The  main  problem  in  applying  [SSB02]  is  that  the  process  of  making  the  graph  chordal  may 
add  an  exponential  number  of  edges.  Conjunctions  matrices  can  significantly  reduce  this  number,  as 
demonstrated  by  the  example  below. 

Example  4.  Consider  the  diamond  shaped  topology  of  Fig.  2.  Assume  that  all  edges  are  conjoined 
with one another (they all appear in the same clause) except the edge between $u_0$ and $v_1$, which
appears  in  a  separate  clause.  Also  assume  some  arbitrary  distribution  of  weights  over  these  edges. 
We  now  analyze  what  different  procedures  do  with  such  a  formula: 

1. In methods based on case splitting, such as Pratt's method [Pra77] (which performs a graph
analysis similar to [SSB02] but assumes that all edges are conjoined), the formula is first
transformed to DNF, and then each clause is analyzed separately. In this case an exponential number
of graphs will be constructed, only to discover that none of them contains a cycle.

2.  In  [SSB02],  in  the  worst  case  an  exponential  number  of  chords  is  added  to  the  graph,  and  an 
exponential  number  of  constraints  is  added  to  the  formula. 

3.  When  using  a  combination  of  [SSB02]  and  conjunction  matrices,  no  chords  are  added  to  the 
graph,  no  constraints  are  added  to  the  formula,  and  the  procedure  terminates  in  linear  time. 
This  means  that  this  combination  of  methods  is  able  to  capture,  efficiently,  the  fact  that  there 
are  no  conjoined  cycles  in  this  graph.  Note  that  constraints  are  always  associated  with  cycles 
and  therefore  a  sub-graph  without  cycles  shouldn’t  impose  any  constraints.  With  the  help  of 
conjunctions  matrices  we  can  take  this  rule  one  step  further,  and  say  that  only  conjoined  cycles, 
i.e.,  cycles  of  predicates  that  share  the  same  clause,  should  impose  a  constraint.  In  the  graph  of 
Fig.  2  there  are  no  such  cycles  and  therefore  an  optimal  procedure  will  not  add  constraints  at  all. 
Yet, the process of making the graph chordal, even if it doesn't contain a cycle, may add chords
(assuming  we  do  not  explicitly  look  for  such  sub-graphs  and  discard  them).  Chordal  graphs 
are  not  unique,  i.e.,  for  a  given  graph  G,  there  are  many  possible  completions  of  G  that  make  it 
chordal.  The  order  in  which  nodes  are  chosen  in  step  i)  determines  the  exact  chordal  completion, 
and  therefore  various  heuristics  can  be  used  in  order  to  minimize  the  number  of  added  chords. 
The  implementation  of  [SSB02]  uses  a  simple  greedy  criterion:  at  each  iteration  it  picks  the 
node  that  imposes  the  minimal  number  of  added  chords.  For  the  graph  of  Fig.  2  this  criterion 
is  sufficient  for  identifying  that  no  additional  chords  are  needed:  due  to  the  conjunctions  matrix 
analysis no chord is added if $v_0$ is removed, and therefore it is removed first. Now the removal
of $v_1$ will not add any edges (because it doesn't have incoming edges), and so forth. Thus, nodes
are  removed  from  right  to  left  without  adding  chords  or  constraints. 

□ 


Fig. 2. An $n$ diamonds topology, where the edge $(u_0, v_1)$ is disjointed from the rest of the formula.


4 Reconstruction of a satisfying assignment

In many applications knowing whether a formula is satisfiable or not is not enough. The actual
satisfying assignment to $\varphi$ has to be reconstructed. The satisfying assignment to $\varphi'$ (recall that $\varphi'$
denotes the encoded formula of [BV00] without conjunctions matrices) indicates the Boolean value
that each predicate should evaluate to in order to satisfy $\varphi$. It is not hard to derive the values for
$\varphi$'s variables from this information. Let $\alpha$ be a satisfying assignment to $\varphi'$ and let $G_t(V, E_t)$ be
a graph s.t. $V$ corresponds to $\varphi$'s variables, and $E_t = \{e \mid e \in E \wedge \alpha(e) = T\}$, i.e., the edges in
$E_t$ correspond to the edges in $G(V, E)$ that were assigned TRUE by $\alpha$. To construct a satisfying
assignment to $\varphi$, decide on a unique value to each maximal connected component on $G_t$, and then
assign this value to each of the nodes (variables) in the component. By construction this assignment
will evaluate all predicates in $\varphi$ the same way as their encoding was evaluated in $\varphi'$.

This becomes more complicated with conjunctions matrices, because the assignments to $\varphi''$'s
predicates can not always be reconstructed in $\varphi$ simultaneously. For example in the formula
$\varphi'' : e_{x,y} \vee e_{y,z} \vee e_{x,z}$ a possible satisfying assignment is one in which the first two predicates are assigned
TRUE and the third predicate is assigned FALSE. Since there is a disjunction between these predicates,
no constraint is added to $\varphi''$ that will prevent such an assignment. Clearly no values can be assigned
to $x, y, z$ in the original formula $\varphi$ s.t. $x = y, y = z$ will be true and $x = z$ is false. With conjunctions
matrices, we are able to reconstruct a satisfying assignment of one or more clauses of $\varphi^D$, but not
necessarily all of them at the same time. Clearly one clause is sufficient to satisfy $\varphi$, but the problem
is that we do not know which one it is.
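The reconstruction through connected components of $G_t$, and the way it fails on the assignment discussed above, can be reproduced directly. This Python sketch is an added example, not code from this report; the function names and the dictionary representation of an assignment are assumptions.

```python
def reconstruct(variables, assignment):
    """assignment maps each encoded predicate (i, j) to the Boolean value of e_{i,j}.
    Returns {variable: value}, or None if no values for the variables agree with it."""
    parent = {v: v for v in variables}

    def find(v):
        while parent[v] != v:
            parent[v] = parent[parent[v]]  # path halving
            v = parent[v]
        return v

    # G_t keeps only the edges assigned TRUE; merge the endpoints of each such edge.
    for (i, j), value in assignment.items():
        if value:
            parent[find(i)] = find(j)

    # One unique value per maximal connected component of G_t.
    ids, values = {}, {}
    for v in variables:
        root = find(v)
        if root not in ids:
            ids[root] = len(ids)
        values[v] = ids[root]

    # Each predicate must now evaluate exactly as its encoding was assigned.
    for (i, j), value in assignment.items():
        if (values[i] == values[j]) != value:
            return None
    return values

def realisable_per_clause(variables, assignment, clauses):
    """For each DNF clause (a list of predicate keys), check whether the values assigned
    to that clause's predicates alone can be realised by the variables."""
    return [reconstruct(variables, {p: assignment[p] for p in clause}) is not None
            for clause in clauses]

VARS = ["x", "y", "z"]
# Constructed from the text: satisfies e_xy or e_yz or e_xz, and no added constraint forbids it.
ALPHA = {("x", "y"): True, ("y", "z"): True, ("x", "z"): False}
CLAUSES = [[("x", "y")], [("y", "z")], [("x", "z")]]

if __name__ == "__main__":
    print("all predicates at once:", reconstruct(VARS, ALPHA))
    print("clause by clause      :", realisable_per_clause(VARS, ALPHA, CLAUSES))
```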

We could not find a polynomial solution to this problem in each of the procedures that are based
on Boolean encoding [GSZ+98, BV00, SSB02], and we leave it as an open problem. If there is no
such solution and the satisfying assignment is needed, then conjunctions matrices can not be used.
Procedures that are not based on encoding, but rather on allocation of a finite domain to each
variable [PRSS99, BGV99] do not have this problem, because the satisfying assignment assigns values
directly to $\varphi$'s variables.

The relevance of conjunctions matrices to [PRSS99, BGV99] as well as to [GSZ+98] is briefly
described in the appendix.
A Conjunctions matrices applied to other procedures

We briefly describe how conjunctions matrices can be combined with the methods of Goel et al.
[GSZ+98], Bryant et al. [BGV99] and Pnueli et al. [PRSS99]. All three methods decide the same type
of formulas as [BV00], i.e. a propositional combination of equalities. In the following description it
is assumed that the reader is familiar with these methods.


Goel et al. [GSZ+98]: The method is based on encoding of the formula, similar to [BV00]. After
encoding, the resulting formula is represented as a BDD. Then the procedure looks for consistent
paths in the BDD that lead to '1'. A consistent path is an assignment to the Boolean variables
that does not contradict the transitivity of equality. For example, a path in which $e_{ij}$ and $e_{jk}$ are
TRUE but $e_{ik}$ is FALSE is inconsistent, because it contradicts the implicit transitivity constraint
$i = j \wedge j = k \rightarrow i = k$. With conjunctions matrices, an inconsistent path is one that includes the above
assignment and all three predicates share the same clause in $\varphi^D$. For example, consider the formula
$\varphi : x = y \vee y = z \vee z \neq x$. An assignment TRUE to all three predicates is a valid assignment
although it can not be reconstructed in $\varphi$. The only information that this assignment gives us is that
it is possible to satisfy separately each of these clauses.

Bryant et al. [BV00]: The method is based on assigning unique constant values to positive terms
(p-terms), while assigning an increasing range of values to other terms (g-terms). For a connected
component of size $n$ of g-terms, the resulting range imposes a state-space of $n!$. The definition of
a 'connected component' can be changed to incorporate the information given by the conjunctions
matrix. A connected component is a set of g-terms that, in addition to the fact that they are connected
on the graph $G$, they also share a clause in $\varphi^D$.


Pnueli et al. [PRSS99]: The method is based on finding a small domain (a range of values) for each
variable which is sufficient for preserving satisfiability. This is also a graph-based algorithm, but
there are two types of edges in this graph, $G_=$ and $G_{\neq}$, corresponding to equalities and disequalities
in $\varphi$ respectively ($G$ is thus a union of these two graphs, and some of the nodes are shared by
both sub-graphs). In each step, a shared node $v$ is given a new unique value $char(v)$ (called the
characteristic value of $v$). Then, $char(v)$ is added to the range of all other nodes that have a $G_=$ path
to $v$. Finally, $v$ is removed from the graph, and the process is repeated until there are no more shared
nodes. With conjunctions matrices, this can be altered: the value needs to be given to every node that
has a conjoined $G_=$ path to $v$, i.e. the edges in the path share a clause in $\varphi^D$. Other stages in this
algorithm can be altered in a similar way, although the above step has the largest effect on the size
of the computed domains.


